Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,227
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,502
Pub
12
RubyGems
995
Rust
1,187
Swift
51
Unreviewed advisories
All unreviewed
5,000+

186 advisories

Loading
Rack session gets restored after deletion Moderate
CVE-2025-32441 was published for rack (RubyGems) May 8, 2025
stengineering0 Credited to stengineering0, jeremyevans, and ioquatix jeremyevans jeremyevans
ioquatix ioquatix
Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-6029 was published Apr 30, 2025
Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be... Moderate Unreviewed
CVE-2025-3599 was published Apr 30, 2025
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser... Moderate Unreviewed
CVE-2025-22060 was published Apr 16, 2025
Information disclosure may be there when a guest VM is connected. Moderate Unreviewed
CVE-2025-21431 was published Apr 7, 2025
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp:... Moderate Unreviewed
CVE-2025-21998 was published Apr 3, 2025
In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch... Moderate Unreviewed
CVE-2025-21958 was published Apr 1, 2025
In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash... Moderate Unreviewed
CVE-2025-21746 was published Feb 27, 2025
Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens Moderate
CVE-2025-26620 was published for Duende.AccessTokenManagement (NuGet) Feb 19, 2025
Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software... Moderate Unreviewed
CVE-2024-41917 was published Feb 13, 2025
Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU)... Moderate Unreviewed
CVE-2025-22394 was published Jan 15, 2025
The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race... Moderate Unreviewed
CVE-2024-51563 was published Nov 12, 2024
In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on... Moderate Unreviewed
CVE-2024-50220 was published Nov 9, 2024
NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate
CVE-2024-0133 was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Oct 29, 2024
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown... Moderate Unreviewed
CVE-2024-49998 was published Oct 21, 2024
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability Moderate
CVE-2024-45120 was published for magento/community-edition (Composer) Oct 10, 2024
Duplicate Advisory: NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate
GHSA-g4pj-mx9f-m2mh was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Sep 26, 2024 withdrawn
This vulnerability occurs when an attacker exploits a race condition between the time a file is... Moderate Unreviewed
CVE-2024-6787 was published Sep 21, 2024
Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can... Moderate Unreviewed
CVE-2024-7531 was published Aug 6, 2024
In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if... Moderate Unreviewed
CVE-2024-42107 was published Jul 30, 2024
Apache StreamPipes potentially allows creation of multiple identical accounts Moderate
CVE-2024-30471 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an... Moderate Unreviewed
CVE-2024-39826 was published Jul 15, 2024
Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows... Moderate Unreviewed
CVE-2024-39821 was published Jul 15, 2024
A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080,... Moderate Unreviewed
CVE-2024-27361 was published Jul 9, 2024
A race condition could lead to a cross-origin container obtaining permissions of the top-level... Moderate Unreviewed
CVE-2024-6601 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database